This morning I dropped my LG G4 (android 6 Marshmallow) phone and shattered the display. I plan to buy a new shiny phone and sell the old one cheap.
I use Lastpass Premium to to store all my passwords,and since I´m a IT consultant I have hundreds of VPN and server logins stored. 2-factor authentication is not enabled neither for Lastpass master login or for the majority of the stored credentials so I really need to make sure that there is no way for an attacker to gain access to my vault.
What steps can I take to make sure my data is safe? As I understand each device with Lastpass keeps a cached copy. So even If I change my master password an attacker might be able to restore that file from the file system and, given he has full access to the phone, find the (old but still valid) password written to disk by some obscure driver deep down in Android.
If the risks involved by selling my old phone is deemed to high, I am willing to crush it with a hammer ( if that is secure enough will be a follow-up question :-)
Preemptive EDIT: I enabled 2-factor authentication for Lastpass master login.
EDIT: I will of course do a phone reset and wipe/remove files before I sell the phone.
EDIT2: I believe my question is not a duplicate because it is not made by Nexus (resetting procedure prob. different), Android version differs, and I am particularly concerned about Lastpass which is not mentioned in the other question.